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CLAIMS 

What is claimed is: 
11. A method, comprising: 

2 building a steganographic extractor to extract hidden information contained in 

3 binary images; 

4 loading the steganographic extractor during a pre-boot phase of a computer 

5 system; 

6 discovering, during the pre-boot phase, binary firmware images on which a 

7 steganographic operation has been performed to generate hidden information 

8 contained within each binary firmware image; and 

9 extracting, via the steganographic extractor during the pre-boot phase, the 
10 hidden information contained in each binary firmware image that is discovered. 

1 2. The method of claim 1 , further comprising: 

2 obtaining a digital signature contained in the hidden information that is 

3 extracted from one of the binary firmware images; 

4 comparing the digital signature with a known authentic digital signature to 

5 determine an authenticity of that binary firmware image. 

1 3. The method of claim 2, further comprising: 

2 loading the binary firmware image if is determined that the digital signature 

3 that is extracted matches the known authentic digital signature. 

1 4. The method of claim 2, further comprising: 
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2 providing a notification message to at least one of a user and a system 

3 environment log indicating the binary firmware image could not be authenticated if it 

4 is found that the digital signature that is extracted does not match the known 

5 authentic digital signature. 

1 5. The method of claim 4, further comprising: 

2 providing the user with an option to load the binary firmware image that could 

3 not be authenticated; and 

4 loading the binary firmware image if the user requests to do so; otherwise not 

5 loading the binary firmware image. 

1 6. The method of claim 1 , wherein the hidden information that is extracted 

2 contains at least one of manufacturer and versioning information, the method further 

3 comprising: 

4 obtaining said at least one of manufacturer and versioning information from 

5 the hidden information; and 

6 storing said at least one of manufacturer and versioning information Jn an 

7 asset management log. 

1 7. The method of claim 1 , further comprising: 

2 discovering both binary firmware images having hidden information and 

3 binary firmware images not having hidden information during the pre-boot phase; 

4 determine whether each of the binary firmware images is a trusted type or a 

5 non-trusted type; and 

6 directly loading a binary firmware image if it is determined to be a trusted 

7 type. 
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1 8. The method of claim 7, wherein binary firmware images discovered in a boot 

2 firmware device are deemed to be trusted, while binary firmware images stored in 

3 firmware storage that is external to the boot firmware device are deemed to be non- 

4 trusted. 

1 9. The method of claim 1 , wherein the steganographic extractor includes a 

2 replacement map that maps equivalent sequences of op codes to one another, with 

3 one of the equivalent op code sequences assigned a "0" state and the other 

4 assigned a "1 " state, the method further comprising: 

5 parsing a binary firmware image to identify replaceable op code sequences 

6 defined by the replacement map; 

7 for each replaceable op code sequence found, 

8 determining whether it corresponds to a "0" or a "1 " state; and 

9 adding the "0" or "1" state to an extracted binary string that is used to hold the 
10 hidden information that is extracted. 

1 1 0. The method of claim 9, wherein the binary firmware image is parsed 

2 backward, beginning with the end of the image. 

1 11. The method of claim 9, wherein the extracted binary string contains encrypted 

2 information, the method further comprising decrypting the extracted binary string. 

1 12. The method of claim 9, further comprising converting the extracted binary 

2 string into an alphanumeric form. 

1 13. A method comprising: 
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2 building a steganographic op code sequence replacement map comprising 

3 respective pairs of equivalent op code sequences that may be substituted for one 

4 another; 

5 augmenting a binary firmware driver having an original set of op code 

6 sequences by replacing portions of the original set of op code sequences with 

7 equivalent op code sequences in accordance with the steganographic op code 

8 sequence replacement map to embed hidden information embodied as a binary 

9 string in an augmented binary firmware driver; 

10 storing the augmented binary firmware driver on a media; 

11 storing, on a firmware storage device, a steganographic extractor configured 



12 to extract hidden information that is embedded in binary encodings using the 

13 steganographic op code sequence replacement map. 

1 14. The method of claim 13, wherein the media the augmented binary firmware 

2 driver is stored on comprises an Option ROM (read only memory) contained in one 

3 of a peripheral device or add-on card. 

1 15. The method of claim 1 3, wherein the media the augmented binary firmware 

2 driver is stored on comprises a network device configured to enable downloading of 

3 the augmented binary firmware driver. 

1 16. The method of claim 13, wherein the firmware storage device is part of a 

2 computer system manufactured by an OEIVI (original equipment manufacturer) 

3 vendor, the method further comprising: 

4 verifying proper operation of a computer system configuration that includes a 

5 computer system manufactured by the OEM and an original third party binary 
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6 firmware driver corresponding to a system component that is manufactured by a 

7 third party supplier; 

8 augmenting the original third party binary firmware driver by replacing 

9 portions of its original set of op code sequences with equivalent op code sequences 

10 in accordance with the steganographic op code sequence replacement map to 

11 embed hidden information including a digital signature known to the OEM 

12 manufacturer; 

13 storing the digital signature known to the OEM manufacturer on the computer 

14 system; and 

15 providing firmware with the computer system that is configured to 



16 authenticate binary firmware drivers by extracting any hidden information contained 

17 therein via the steganographic extractor and verifying whether a digital signature is 

18 contained in said any hidden information that matches the digital signature known to 

19 the OEM manufacturer. 



1 17. The method of claim 13, further comprising: 

2 performing a hash on the binary firmware driver to obtain a hash digest; and 

3 storing one of the hash digest or data derived from the hash digest in the 

4 hidden information. 

1 1 8. The method of claim 1 7, further comprising: 

2 encrypting the hash digest using an encryption key. 

1 19. The method of claim 13, wherein the hidden information includes asset 

2 management information. 
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1 21 . A machine-readable medium to provide instructions, which when executed 

2 perform operations, including: 

3 loading a steganographic extractor during a pre-boot phase of a computer 

4 system; 

5 discovering, during the pre-boot phase, binary firmware images on which a 

6 steganographic operation has been performed to generate hidden information 

7 embedded within each binary firmware image; and 

8 extracting, via the steganographic extractor during the pre-boot phase, the 

9 hidden information contained in each binary firmware image that is discovered. 



1 22, The machine-readable medium of claim 21 , wherein the media further 

2 includes instructions embodied as the steganographic extractor. 

1 23. The machine-readable medium of claim 21 , further comprising instructions for 

2 performing the operations of: 

3 obtaining a digital signature contained in the hidden information that is 

4 extracted from one of the binary firmware images; 

5 comparing the digital signature with a known authentic digital signature to 

6 determine an authenticity of the binary firmware image. 

1 24. The machine-readable medium of claim 21 , further comprising instructions 

2 for performing the operations of: 

3 determining op code sequences that are identifiable to the steganographic 

4 extractor as representing steganographic data; 
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5 performing a hash on a portion of a binary firmware image that includes op 

6 codes that are exclusive of the op code sequences that represent steganographic 

7 data to obtain an image hash digest; 

8 extracting an authenticated hash digest from the hidden information; and 

9 comparing the image hash digest to the authenticated hash digest to 
10 determine an authenticity of the binary firmware image. 

1 25. The machine-readable medium of claim 21 , further comprising instructions for 

2 performing the operations of: 

3 retrieving a decryption key; and 

4 decrypting the hidden information that is extracted with the decryption key to 

5 obtain the authenticated hash digest. 



1 26. The machine-readable medium of claim 21 , wherein the hidden information 

2 includes asset management information, and the machine-readable medium further 

3 includes instructions for performing the operations of: 



4 retrieving the asset management information from the hidden information that 

5 is extracted; and 

6 storing the asset management information that is retrieved. 

1 27. A system comprising: 

2 a processor; 

3 a memory, coupled to the processor; 

4 a flash device, coupled to the processor and having firmware instructions 

5 stored therein, which when executed perform operations including: 

6 loading a steganographic extractor during a pre-boot phase of a 

7 computer system into the memory; 
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8 discovering, during the pre-boot phase, binary firmware drivers 

9 containing hidden information that was embedded via a steganographic 

10 operation; and 

11 extracting, via the steganographic extractor during the pre-boot phase, 

12 the hidden information contained in each binary firmware image that is 

13 discovered. 



1 28. The system of claim 27, wherein the flash device further includes firmware 

2 instructions embodied as the steganographic extractor. 

1 29. The system of claim 27, wherein the flash device further includes firmware 

2 instructions for performing the operations of: 



3 determining op code sequences that are mapped to identify steganographic 

4 data; 

5 performing a hash on a portion of a binary firmware driver image that includes 

6 op codes that are exclusive of the op code sequences that are mapped to identify 

7 steganographic data to obtain an image hash digest; 

8 extracting an authenticated hash digest from the hidden information; and 

9 comparing the image hash digest to the authenticated hash digest to 
10 determine an authenticity of the binary firmware image. 



1 30. The system of claim 29, wherein the hidden information was encrypted using 

2 a private key and wherein the flash device further includes firmware instructions for 

3 performing the operations of: 

4 retrieving a public key stored in the computer system corresponding to the 

5 private key; and 
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6 employing the public key to decrypt the hidden information that is extracted 

7 from one of the binary firmware drivers. 
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